A Data Principal's right to have inaccurate or incomplete personal data corrected, completed, or updated.
The Right to Correction under DPDPA Section 11(1)(b) entitles Data Principals to request correction of inaccurate or misleading personal data, completion of incomplete data, and updating of data that is no longer current. The Data Fiduciary must process correction requests within the prescribed timeline. When data has been shared with processors or other fiduciaries, corrections must be propagated to all recipients.
Incorrect data in your systems can cause real harm — wrong credit decisions, incorrect medical treatments, or employment discrimination. Correction requests must be processed efficiently and propagated to all downstream systems.
A customer of a Lucknow insurance company notices their claim was rejected because their age was recorded incorrectly. They submit a correction request with their birth certificate. The insurer must correct the record within 30 days and notify the claims processor to re-evaluate.
You cannot require extensive "proof" before making corrections. The standard is reasonableness — if the correction is plausible and supported by basic evidence, you must comply.
DPDPA Shield automates Data Principal Rights. See how →